Existing Member

Join Reseller News

Ingram Micro helps businesses fully realize the promise of technology™—helping them maximize the value of the technology that they make, sell or use. With its vast global infrastructure and focus on cloud, mobility, supply chain and technology solutions, Ingram Micro enables business partners to operate more efficiently and successfully in the markets they serve.

No other company delivers as broad and deep a spectrum of technology and supply chain services to businesses around the world. Founded in 1979, Ingram Micro’s role as a leader and innovator in technology and supply chain services has fueled its rise to the 69th ranked corporation in the FORTUNE 500®Learn more

Why SSL inspection needs to become the new standard for businesses

In a world where data security is key, it is vitally important that every business has the best protection possible for its incoming and outgoing data and that means using Secure Sockets layer (SSL) encryption, decryption and inspection.

In a world where data security is key, it is vitally important that every business has the best protection possible for its incoming and outgoing data and that means usingSecure Sockets layer (SSL) encryption, decryption and inspection. However, it is now no longer enough to trust that encrypted data transmission is completely secure because hackers and other criminals have found a way to use it to their benefit.

Technology has reached an inflection point. Encrypted data transmission is now normal. It is no longer a complex additional function or system that costs extra. The use of SSL is now standard operating procedure but it can present challenges for security teams.

The broad uptake of encryption means some businesses have lost track of what is crossing through their gateway protection.

SSL "protected" attacks are on the rise. With almost two-thirds of internet traffic now encrypted according to a recent report produced by Gartner, it was only a matter of time before criminals, nation states and other attackers began using encryption as a shield. Unsurprisingly, nearly two-thirds of malware attacks reported in 2017 used SSL to mask the damaging payload.

Recent research by Gartner, published in this year's Global Application & Network Security Report found that 35% of companies surveyed had experienced an SSL-based attack. That is a 50% increase on the previous year. Less than a third of the companies had the ability to defend against an SSL flood attack. Almost half were unsure if they had even been attacked in this way.

A phishing email may contain a downloader file that initially seems harmless. But when launched it creates an encrypted session to a command and control server that is used to deposit malware onto your computer. When all that traffic is protected by SSL, traditional security measures can’t detect and block the malicious activity.

NSS Labs Chief Technology Officer, Jason Brvenik, said, "Encryption does not protect us from all threats and, in fact, can make it easier for the adversary. Enterprises must be concerned if they are not decrypting and inspecting SSL traffic from untrusted sources".

In other words, if you aren’t using SSL inspection there is a gaping hole in your security policies.

Full SSL inspection, also known as deep inspection, is the only way to ensure data moving in and out of your network is legitimate. Initial uptake has been relatively slow because of the high costs associated with the processing power required to decrypt data on the fly without causing significant impact on users. Products capable of deep inspection were also hard to configure and expensive.

But newer solutions, such as the Fortinet FortiGate next generation firewall, can conduct this complex operation with negligible impact on users. Other similarly capable firewall and gateway protection equipment may increase network latency by almost 3000% with a drop in throughput speed of up to 95%, according to a recent independent study by NSS Labs.

There are two ways to deploy SSL inspection depending on the nature of the environment and the risks you are mitigating. It can be used to either inspect traffic between multiple servers and clients or to protect an SSL server.

SSL inspection can be resource intensive, even on devices that use custom hardware and are specifically designed for the task. But by following best practice the inspection process can be optimised.

Having an understanding of normal traffic patterns is important. By knowing how much traffic is expected and the percentage that is encrypted, you can work out where to deploy SSL inspection. That knowledge can also be used to limit the number of policies allowing encrypted traffic or to modify your policy to apply SSL inspection only where it is needed.

Although there are many firewall and edge-protection devices offering SSL inspection, choose devices that use custom-made hardware for SSL content scanning and SSL acceleration.

Testing is important. Be selective about how SSL inspection is deployed, Choose highest-risk traffic first and then gradually enable it.

In conclusion, there is little doubt SSL inspection is an essential tool in the ongoing battle to protect data from malicious actors and must, at all cost, and be considered by all businesses.

Microsites

Featured

Slideshows

The making of an MSSP: a blueprint for growth in NZ

Partners are actively building out security practices and services to match, yet remain challenged by a lack of guidance in the market. This exclusive Reseller News Roundtable - in association with Sophos - assessed the making of an MSSP, outlining the blueprint for growth and how partners can differentiate in New Zealand.

Reseller News Platinum Club celebrates leading partners in 2018

The leading players of the New Zealand channel came together to celebrate a year of achievement at the inaugural Reseller News Platinum Club lunch in Auckland. Following the Reseller News Innovation Awards, Platinum Club provides a platform to showcase the top performing partners and start-ups of the past 12 months, with more than ​​50 organisations in the spotlight.​​​

Meet the top performing HP partners in NZ

HP has honoured its leading partners in New Zealand during 2018, following 12 months of growth through the local channel.
Unveiled during the fourth running of the ceremony in Auckland, the awards recognise and celebrate excellence, growth, consistency and engagement of standout Kiwi partners.

Related Whitepapers

Copyright 2019 IDG Communications. ABN 14 001 592 650. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of IDG Communications is prohibited.